Secure Thingz, a domain expert in security for microcontrollers and embedded systems, announced its efforts to build a secure manufacturing solution for the industry-leading STM32 microcontroller family, that provides best-in-class protection of connected, smart devices. The company will demonstrate its secure manufacturing solution at embedded world 2018, from February 27 to March 1, in Nuremberg, Germany, at the STMicroelectronics booth (Hall 4A-138).

Connected devices form the backbone of the Internet of Things (IoT) and play mission-critical roles in infrastructure, industrial, automotive, healthcare and many other markets. Delivering completely secure embedded systems is a major challenge, and device manufacturers must continuously innovate to thwart hackers and prevent attacks and counterfeiting. Creating a complete chain of trust from device inception is essential to protecting identity, personal information, physical assets, and intellectual property.

Under the new secure manufacturing solution, the chain of trust begins with an integrated certificate and secure firmware loader built into ST’s STM32 microcontroller (MCU). On top of this, a custom Secure Boot Manager (SBM) from Secure Thingz may be securely provisioned into the MCUs to provide extensive lifecycle security, including secure provisioning of certificates, secure application loading, secure firmware updates, and enhanced secure application development in partnership with industry-leading tool vendors. The flow also includes an application programming interface (API) from Secure Thingz to be used for authentication and certification. The flow is targeted for the Arm® Cortex®-M-core STM32 family of devices, and it is compliant with the recently announced Platform Security Architecture from Arm, as a major enabler for best-in-class, cost-effective cybersecurity.

Currently, the Secure Thingz flow is supported on ST’s STM32H7 MCU devices, which integrate multiple hardware-based security features to simplify the protection of embedded applications and global IoT systems against attacks like eavesdropping, spoofing, or man-in-the-middle interception. In addition, secure firmware loading enables OEMs to ensure their products can be programmed safely and securely, even off-site at a contract manufacturer or programming house, inhibiting the intercepting, copying, or tampering of code. When combined with the Secure Thingz SBM, the security capabilities enable the programming and authentication of devices to establish a root-of-trust mechanism required for the device to be securely connected to the end-user’s network and remotely updated over the air (OTA) to apply security patches or feature upgrades throughout the lifetime of the device.

In addition to the ST booth, Secure Thingz will also demonstrate its secure manufacturing solution at embedded world 2018 at the IAR Systems booth (Hall 4-216).